The Target Data Hack Cost Banks More Than $200 Million

New estimates pin the cost of last year’s robbery higher than previously thought.

National Journal
Add to Briefcase
Dustin Volz
Feb. 18, 2014, 6:38 a.m.

The gar­gan­tu­an theft of data from cred­it and deb­it cards used at Tar­get stores dur­ing last year’s hol­i­day shop­ping sea­son is now be­lieved to have cost fin­an­cial in­sti­tu­tions more than $200 mil­lion, ac­cord­ing to self-re­por­ted es­tim­ates re­leased Tues­day.

The new num­bers are an up­tick from earli­er cal­cu­la­tions. The Con­sumer Bankers As­so­ci­ation re­vised its es­tim­ate of the cost of card re­place­ments for its mem­bers, rais­ing it from $153 mil­lion to $172 mil­lion. The Cred­it Uni­on Na­tion­al As­so­ci­ation has up­dated its cal­cu­la­tions of dam­ages in­curred by cred­it uni­ons to $30.6 mil­lion, up from $25 mil­lion.

Taken to­geth­er, the costs now sur­pass $200 mil­lion, al­though that tally does not re­flect the costs to fin­an­cial in­sti­tu­tions that are not cred­it uni­ons or op­er­ate out­side the Con­sumer Bankers As­so­ci­ation.

The na­tion­wide heist of fin­an­cial data from Tar­get stores took place from Nov. 27 to Dec. 15 and is be­lieved to have af­fected 110 mil­lion cus­tom­ers. The rob­bery, which now ap­pears to have been made pos­sible due to an email phish­ing scheme de­ployed on a heat­ing and air-con­di­tion­ing con­tract­or, in­cluded names, mail­ing ad­dresses, en­cryp­ted per­son­al iden­ti­fic­a­tion num­bers, and phone num­bers.

Con­gress is eye­ing new ap­proaches to data se­cur­ity in the wake of the breaches at Tar­get and oth­er na­tion­al re­tail chains. Banks have been push­ing re­tail­ers to im­ple­ment bet­ter con­sumer-data pro­tec­tions at their stores.


Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.